Research shows that employees who are untrained on cyber security best practices often constitute the greatest threat to the very organizations they work for.
Did you know that companies that don't implement programs for security awareness experience breaches at a rate 4 times higher than institutions who do implement such measures?
The security game has changed. It used to be enough to protect the perimeter of your IT infrastructure with firewalls and endpoint security.
While that's still important - cyber security requires a layered approach - the perimeter has become comprised by recent technology changes, including the growing use of cloud-based applications and explosive use of mobile devices.
While some employees intentionally compromise the companies they work for, more incidents happen through negligence, insufficient training or security protocols which are vague or even non-existent.
Malware is now one of the fastest growing causes of data breaches, and it's almost always employee error that let's these hackers into your organization.
User identities and passwords have now become the primary targets!
Start with a Cyber Security Policy
After a thorough security audit, every organization needs to create and document a robust security policy. Many small businesses think that there is little need for them to implement such measures, but size is irrelevant when it comes to cyber security.
In fact, small businesses and non-profits are MORE likely to be the target of hackers and suffer a data breach, as they are thought to have tighter budgets and therefore more likely to skimp on security.
Employees are absolutely the first line of defense when it comes to an institution’s cyber security, so step number two is:
Train Your Employees on Security Best Practices
- Make sure that all passwords are no less than 12 characters long, and should include letters, numbers and symbols
- Passwords should never be shared, even with other employees
- Passwords should be changed every three months, and the same password should never be used more than once
- Never open attachments from un-trusted sources, and avoid responding to emails that request sensitive information about the company
- Pay attention to where you’re sending your emails - glance up at the “send to” field before hitting the “send” button to ensure you’re sending to the right party, especially if you’re about to send information which is sensitive
- Because more people are using portable devices such as laptops, tablets and smartphones, there is increased risk of these devices being stolen, which compromises all the data held on them - it is important to secure these devices at all times, both physically and with passwords
In order for an organization to remain secure, both its employees and the organization as a whole must design, implement and follow security measures. Employees that don’t comply should face disciplinary action or even termination, as the consequences of a data breach can be truly devastating.
Want to learn more? Click below to request a complimentary consultation on how we can help your with your cyber security needs.